package com.cy.milktea.config;

import com.cy.milktea.config.system.RedisSessionDao;
import com.cy.milktea.pojo.System.ShiroRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;


@Configuration
public class ShiroConfig {

    @Bean
    public Realm realm() {
        return new ShiroRealm();
    }

    @Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition() {

        DefaultShiroFilterChainDefinition filters = new DefaultShiroFilterChainDefinition();
        filters.addPathDefinition("/consumer/**", "anon");   //--->顾客可以匿名访问
        filters.addPathDefinition("/login", "anon");
        filters.addPathDefinition("/logout", "anon");
        filters.addPathDefinition("/**", "authc");
        return filters;
    }

    //解决controller代理对象的问题
    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator daapc = new DefaultAdvisorAutoProxyCreator();
        // controller不能用aop代理对象,需要设置setUsePrefix为true(默认的是false)
        daapc.setUsePrefix(true);
        return daapc;
    }


    // 注入自定义的sessionManager
    @Bean("sessionManager")
    public DefaultWebSessionManager defaultWebSessionManager(RedisSessionDao redisSessionDao) {
        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
        sessionManager.setGlobalSessionTimeout(RedisSessionDao.expireTime);
        sessionManager.setDeleteInvalidSessions(true);
        sessionManager.setSessionDAO(redisSessionDao);
        sessionManager.setSessionValidationSchedulerEnabled(true);
        return sessionManager;
    }


}
